Bulk Noindex & Nofollow Toolkit
by WordPress
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-31537 | Hig | 0.46 | 7.1 | 0.00 | Apr 1, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in madfishdigital Bulk NoIndex & NoFollow Toolkit bulk-noindex-nofollow-toolkit-by-mad-fish allows Reflected XSS.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a… | ||
| CVE-2024-29791 | Hig | 0.46 | 7.1 | 0.00 | Mar 27, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Reflected XSS.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 2.01. | ||
| CVE-2023-45065 | Hig | 0.46 | 7.1 | 0.00 | Oct 18, 2023 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit plugin <= 1.42 versions. | ||
| CVE-2023-41688 | Med | 0.35 | 5.4 | 0.00 | Dec 13, 2024 | Missing Authorization vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 1.5. | ||
| CVE-2024-8803 | Med | 0.33 | 6.1 | 0.00 | Sep 26, 2024 | The Bulk NoIndex & NoFollow Toolkit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.15. This makes it possible for unauthenticated attackers to… |
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in madfishdigital Bulk NoIndex & NoFollow Toolkit bulk-noindex-nofollow-toolkit-by-mad-fish allows Reflected XSS.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a…
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Reflected XSS.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 2.01.
- risk 0.46cvss 7.1epss 0.00
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit plugin <= 1.42 versions.
- risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 1.5.
- risk 0.33cvss 6.1epss 0.00
The Bulk NoIndex & NoFollow Toolkit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.15. This makes it possible for unauthenticated attackers to…